[Resolvido!] Analise de log

fabsc · Julho 5, 2010

Olá, sou novo no fórum e venho pedir uma análise a vocês,

pois meu computador com certeza está com algum tipo de problema,

eu habilito a barra de menu rápido, e ela some, ai eu vou olhar, ela esta desmarcada,

também já ativei no gpedit.msc pra dexar ativada direto, e ela não aparece,

e quase todas as vezes que eu reinicio o pc, e vou iniciar o firefox ele fala que falta um tal de xull.dll, algo assim, ai eu tenho que instalar novamente,

e o mais importante as letras estão todas ruins, ex: pra digitar é normal, só que tem alguns programas que não são encode que o acento fica "zuado"...por ex, em ANSI.

FOTO'>http://img822.imageshack.us/img822/9266/77423767.jpg"]FOTO 1 - FOTO'>http://img808.imageshack.us/img808/9103/34853673.jpg"]FOTO 2 - FOTO'>http://img822.imageshack.us/img822/3772/35590177.jpg"]FOTO 3

desde já tive uma boa impressão do fórum nos logs resolvidos...

Segue abaixo o LOG:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:34:49, on 04/07/2010

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\EDIMAX\Common\RaUI.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\Jhon\Downloads\HiJackThis(2).exea

C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll

O2 - BHO: Flash Video Decoder for FLV - {D1E696A9-FDF6-499D-BCFC-E6C5F10602E1} - C:\Windows\SysWOW64\flash101flv.dll

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICO DE REDE')

O4 - Global Startup: AutorunsDisabled

O4 - Global Startup: Wireless Utility.lnk = C:\Program Files (x86)\EDIMAX\Common\RaUI.exe

O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Serviço de estado do ASP.NET (aspnet_state) - Unknown owner - (no file)

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Nero AG - (no file)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files (x86)\Scpad\scpVista.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: WMPNetworkSvc - Unknown owner - (no file)

--

End of file - 6830 bytes

wings · Julho 6, 2010

Boa noite.....

Em relação ao problema de xul.dll:

*Baixe novamente o Firefox e salve-o no desktop

*Desinstale a versão já instalada

*Durante a instalação, altere o local de destino para a seguinte pasta C:\Arquivos de programas\Firefox

1.

*Baixe o MalwareBytes Anti-malware e salve-o no desktop

*Instale o programa

*Se alguma atualização existir,o download será automático. Aguarde...

*O programa será aberto automaticamente.

*Na aba [Verificação], selecione a opção [Verificação completa]

*Clique em [Verificar] e selecione as partições a serem examinadas (geralmente C:\ e D:\)

*Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados]

*Clique em [Remover Selecionados]

*Um relatório (mbam-log-ano-mês-data.txt) será apresentado.

*Cole-o na sua próxima resposta

fabsc · Julho 6, 2010

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Versمo da Base de Dados: 4052

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18904

06/07/2010 02:30:05

mbam-log-2010-07-06 (02-30-05).txt

Tipo de Verificaçمo: Verificaçمo Completa (C:\|D:\|)

Objetos escaneados: 435197

Tempo decorrido: 1 hora(s), 8 minuto(s), 25 segundo(s)

Processos de Memَria Infectados: 0

Mَdulos de Memَria Infectados: 2

Chaves de Registro Infectadas: 1

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 1

Arquivos Infectados: 5

Processos de Memَria Infectados:

(Nمo foram detectados يtens maliciosos)

Mَdulos de Memَria Infectados:

C:\Users\Jhon\AppData\Local\Temp\E_4\krnln.fnr (Worm.AutoRun) -> Delete on reboot.

C:\Users\Jhon\AppData\Local\Temp\E_4\xplib.fne (Worm.AutoRun) -> Delete on reboot.

Chaves de Registro Infectadas:

HKEY_CURRENT_USER\SOFTWARE\FlySky (Malware.Trace) -> Quarantined and deleted successfully.

Valores de Registro Infectados:

(Nمo foram detectados يtens maliciosos)

Itens de Dados no Registro Infectados:

(Nمo foram detectados يtens maliciosos)

Pastas Infectadas:

C:\Users\Jhon\AppData\Local\Temp\E_4 (Worm.AutoRun) -> Delete on reboot.

Arquivos Infectados:

C:\Users\Jhon\Desktop\desktop\TOIM\Sprut + Pega Ip\Capturar.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\Jhon\Downloads\PASTAS\Heaventools PE Explorer v1.99 R5 + Keygen-Patch [RH]\HTPEEX.1.99.R5_[RH]\Heaventools PE Explorer v1.99 R5\Keygen-Patch\PE Explorer_Keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Users\Jhon\AppData\Local\Temp\E_4\krnln.fne (Worm.AutoRun) -> Quarantined and deleted successfully.

C:\Users\Jhon\AppData\Local\Temp\E_4\krnln.fnr (Worm.AutoRun) -> Delete on reboot.

C:\Users\Jhon\AppData\Local\Temp\E_4\xplib.fne (Worm.AutoRun) -> Delete on reboot.

wings · Julho 6, 2010

1.

*Desative o UAC

Clique em Iniciar > Painel de Controle > Contas de Usuários > Ativar ou Desativar Contas de Usuários > Confirme > Continuar > Desmarque "Utilizar o Controle de Conta de Usuário (UAC) para ajudar a proteger o computador" > OK > Confirme > Reinicie o PC

2.

*Desative temporariamente seu antivírus

*Baixe o USBFix e salve-o no desktop

*Conecte o Pendrive no PC

*Duplo clique em UsbFix

*Clique em [Pesquisa] e aguarde o término

*Remova o Pendrive

*Cole o relatório criado em C:\UsbFix.txt

fabsc · Julho 6, 2010

############################## | UsbFix 7.016 | [Pesquisa]

Usu?rio: Jhon (Administrador) # MUONLINE [system manufacturer P5QL-E]

Atualizado em 05/07/10 por El Desaparecido / C_XX

Começou em 16:15:58 | 06/07/2010

Site: http://pagesperso-orange.fr/NosTools/index.html

Contato: FindyKill.Contact@gmail.com

CPU: Intel® Core2 Quad CPU Q9400 @ 2.66GHz

CPU 2: Intel® Core2 Quad CPU Q9400 @ 2.66GHz

Microsoft® Windows Vista™ Ultimate (6.0.6001 64-Bit) # Service Pack 1

Internet Explorer 8.0.6001.18904

Windows Firewall: Habilitado

RAM -> 8190 Mb

C:\ (%systemdrive%) -> Disco fixo # 293 Gb (223 Mb livre - 76%) [WINDOS VISTA] # NTFS

D:\ -> Disco fixo # 195 Gb (188 Mb livre - 96%) [Programas] # NTFS

E:\ -> Disco fixo # 146 Gb (142 Mb livre - 97%) [WINDOWS XP] # NTFS

F:\ -> Disco fixo # 297 Gb (271 Mb livre - 91%) [Fernando] # NTFS

G:\ -> CD-ROM

J:\ -> Disco remov?vel # 4 Gb (2 Mb livre - 60%) [sAULO] # FAT32

################## | Ficheiros # pastas infeciosos |

Presente ! C:\Users\Jhon\AppData\Local\Temp\E_4

Presente ! C:\Users\Jhon\AppData\Local\Temp\E_4\krnln.fne

Presente ! C:\Users\Jhon\AppData\Local\Temp\E_4\krnln.fnr

Presente ! C:\Users\Jhon\AppData\Local\Temp\E_4\xplib.fne

################## | Registro |

Presente ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools

Presente ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{2eeb8904-0910-11de-9042-8b2ebe2af294}

Shell\AutoRun\Command = H:\vs\autorun.exe

################## | Vaccin |

(!) Este computador n?o é vacinada!

################## | E.O.F |

wings · Julho 6, 2010

*Conecte novamente o Pendrive no PC

*Duplo clique em UsbFix

*Clique em [supressão] e aguarde o término

*Remova o Pendrive

*Cole o relatório criado em C:\UsbFix.txt

fabsc · Julho 6, 2010

############################## | UsbFix 7.016 | [supress?o]

Usu?rio: Jhon (Administrador) # MUONLINE [system manufacturer P5QL-E]

Atualizado em 05/07/10 por El Desaparecido / C_XX

Começou em 16:43:56 | 06/07/2010

Site: http://pagesperso-orange.fr/NosTools/index.html

Contato: FindyKill.Contact@gmail.com

CPU: Intel® Core2 Quad CPU Q9400 @ 2.66GHz

CPU 2: Intel® Core2 Quad CPU Q9400 @ 2.66GHz

Microsoft® Windows Vista™ Ultimate (6.0.6001 64-Bit) # Service Pack 1

Internet Explorer 8.0.6001.18904

Windows Firewall: Habilitado

RAM -> 8190 Mb

C:\ (%systemdrive%) -> Disco fixo # 293 Gb (223 Mb livre - 76%) [WINDOS VISTA] # NTFS

D:\ -> Disco fixo # 195 Gb (188 Mb livre - 96%) [Programas] # NTFS

E:\ -> Disco fixo # 146 Gb (142 Mb livre - 97%) [WINDOWS XP] # NTFS

F:\ -> Disco fixo # 297 Gb (271 Mb livre - 91%) [Fernando] # NTFS

G:\ -> CD-ROM

J:\ -> Disco remov?vel # 4 Gb (2 Mb livre - 60%) [sAULO] # FAT32

################## | Ficheiros # pastas infeciosos |

Supprimido ! C:\Users\Jhon\AppData\Local\Temp\E_4

################## | Registro |

Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools

Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{2eeb8904-0910-11de-9042-8b2ebe2af294}

################## | Listing |

[06/07/2010 - 16:45:38 | SHD ] C:\$Recycle.Bin

[11/06/2010 - 10:50:55 | D ] C:\32788R22FWJFW

[04/07/2010 - 23:09:43 | A | 5030] C:\Ad-Report-CLEAN[1].txt

[27/06/2010 - 00:37:16 | A | 2803] C:\add_pontos.php

[30/03/2010 - 01:19:42 | D ] C:\AdobeTemp

[17/06/2010 - 16:17:38 | D ] C:\AppServ

[22/02/2009 - 21:09:44 | SHD ] C:\Arquivos de programas

[20/09/2009 - 23:27:26 | A | 0] C:\AUTOEXEC.BAT

[23/02/2009 - 03:06:46 | SHD ] C:\Boot

[23/05/2010 - 03:11:54 | ASH | 209] C:\boot.ini

[28/10/2001 - 15:06:10 | RASH | 4952] C:\Bootfont.bin

[18/01/2008 - 23:45:46 | RASH | 333203] C:\bootmgr

[20/09/2009 - 23:27:26 | A | 0] C:\CONFIG.SYS

[25/06/2010 - 21:57:11 | A | 0] C:\conmgr.log

[05/07/2010 - 03:25:24 | A | 21285] C:\debug.log

[02/11/2006 - 12:41:02 | SHD ] C:\Documents and Settings

[15/05/2010 - 19:55:40 | D ] C:\downloads

[17/06/2010 - 01:52:41 | A | 256383] C:\EyeCandyLog.txt

[23/05/2010 - 22:56:57 | RASH | 171136] C:\grldr

[29/06/2010 - 02:37:43 | A | 7049418] C:\HelixLog.txt

[06/07/2010 - 10:32:30 | A | 0] C:\hpzids01.log

[30/03/2010 - 01:33:19 | D ] C:\Icones

[20/09/2009 - 23:27:26 | RASH | 0] C:\IO.SYS

[19/06/2010 - 02:44:27 | D ] C:\Meus Sites

[20/09/2009 - 23:27:26 | RASH | 0] C:\MSDOS.SYS

[06/04/2010 - 02:23:07 | D ] C:\MUSERVER

[03/08/2004 - 22:38:34 | RASH | 47564] C:\NTDETECT.COM

[03/08/2004 - 22:59:34 | RASH | 251168] C:\ntldr

[11/11/2000 - 09:35:24 | A | 176128] C:\NULL

[22/02/2009 - 21:16:22 | D ] C:\NVIDIA

[17/05/2010 - 11:40:27 | AH | 651] C:\os084633.bin

[23/10/2009 - 00:41:09 | AH | 772] C:\os503778.bin

[06/07/2010 - 15:16:53 | ASH | 8902602752] C:\pagefile.sys

[21/11/2009 - 10:28:26 | D ] C:\PortScan

[18/06/2010 - 00:12:58 | D ] C:\Program Files

[06/07/2010 - 01:26:08 | D ] C:\Program Files (x86)

[04/07/2010 - 03:45:13 | D ] C:\ProgramData

[06/07/2010 - 16:16:56 | SHD ] C:\RECYCLER

[30/03/2010 - 01:35:12 | D ] C:\Skins

[25/02/2009 - 10:57:51 | D ] C:\SQLEVAL

[26/09/2009 - 04:40:33 | D ] C:\SQLEVAL2

[02/10/2009 - 03:26:04 | AH | 268] C:\sqmdata00.sqm

[02/10/2009 - 03:26:04 | AH | 172] C:\sqmnoopt00.sqm

[23/05/2010 - 01:35:29 | SHD ] C:\System Volume Information

[04/07/2010 - 05:33:25 | A | 4108] C:\transferir_mresets_done.php

[06/07/2010 - 16:45:38 | D ] C:\UsbFix

[06/07/2010 - 16:44:02 | A | 3748] C:\UsbFix.txt

[29/04/2010 - 22:57:27 | RD ] C:\Users

[05/07/2010 - 23:22:24 | D ] C:\Windows

[06/07/2010 - 16:45:38 | SHD ] D:\$RECYCLE.BIN

[21/02/2009 - 15:59:23 | A | 93580000] D:\182.06_geforce_winxp_64bit_english_whql.exe

[20/02/2010 - 04:24:17 | D ] D:\Adobe CS4

[26/02/2009 - 15:55:26 | D ] D:\ARQUIVOS EXE

[08/04/2010 - 01:46:54 | D ] D:\ARQUIVOS RAR

[09/02/2010 - 00:49:13 | A | 28002] D:\asciifull.gif

[22/02/2009 - 12:04:40 | D ] D:\Auto runs

[06/03/2009 - 15:40:30 | A | 528] D:\Boot R?pido.rar

[11/07/2005 - 19:05:10 | A | 1242] D:\Boot R?pido.reg

[20/09/2009 - 23:57:21 | D ] D:\DADOS

[23/02/2009 - 00:38:30 | SH | 83] D:\desktop.ini

[05/09/2009 - 12:50:30 | D ] D:\Drivers Vista

[29/03/2010 - 02:39:18 | D ] D:\EDIMAX WIRELESS

[22/02/2009 - 12:04:50 | D ] D:\Fonts

[16/05/2010 - 16:03:51 | D ] D:\images

[22/02/2009 - 12:26:54 | A | 46598545] D:\Instalar_MuAwaY_Sem_Som.exe

[23/02/2009 - 00:58:40 | A | 607640] D:\jxpiinstall-6u12-fcs-bin-b04-windows-i586-17_jan_2009.exe

[07/09/2009 - 19:30:42 | D ] D:\NEED2

[22/02/2009 - 12:12:29 | D ] D:\Nero-7.9.6.0-Ultra

[29/05/2010 - 20:29:33 | D ] D:\niver barbara

[30/03/2010 - 01:15:10 | D ] D:\Original

[16/04/2010 - 15:15:24 | D ] D:\Orkut divulgador

[16/01/2010 - 08:39:27 | A | 71572] D:\PAINEL MIGRADOR.rar

[10/02/2009 - 22:55:48 | A | 6560523] D:\realalt190.exe

[06/07/2010 - 16:16:56 | SHD ] D:\RECYCLER

[27/01/2010 - 13:42:56 | D ] D:\Sim-mula__chankongsang--UV

[04/02/2009 - 11:08:09 | A | 30912967] D:\Sim-mula__chankongsang--UV.rar

[23/10/2009 - 02:50:09 | D ] D:\SITES

[22/02/2009 - 12:07:32 | D ] D:\Studio 8

[15/04/2010 - 08:38:37 | SHD ] D:\System Volume Information

[19/10/2009 - 22:24:24 | D ] D:\testando

[30/04/2010 - 03:03:26 | D ] D:\TEXTO

[01/02/2009 - 18:04:42 | A | 356775416] D:\Um Faz de Conta que Acontece.www.TheEvolution.org.Dj.Deh.rmvb

[20/09/2009 - 11:04:52 | D ] D:\Utilitarios

[22/03/2010 - 16:07:08 | A | 682436608] D:\Windows XP.iso

[06/07/2010 - 16:45:38 | SHD ] E:\$RECYCLE.BIN

[24/05/2010 - 00:29:07 | RD ] E:\Arquivos de programas

[23/05/2010 - 01:35:21 | D ] E:\Documents and Settings

[29/06/2010 - 16:32:55 | ASH | 2145386496] E:\pagefile.sys

[23/05/2010 - 03:36:57 | D ] E:\Program Files

[06/07/2010 - 16:16:56 | SHD ] E:\RECYCLER

[23/05/2010 - 01:34:39 | SHD ] E:\System Volume Information

[23/05/2010 - 03:36:01 | D ] E:\WINDOWS

[06/07/2010 - 16:45:38 | SHD ] F:\$RECYCLE.BIN

[05/09/2009 - 00:21:11 | A | 171626] F:\-juntar.rar

[28/05/2010 - 16:41:41 | D ] F:\db

[13/01/2010 - 14:02:31 | D ] F:\dbsong

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.1028.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.1031.txt

[07/11/2007 - 07:00:40 | A | 10134] F:\eula.1033.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.1036.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.1040.txt

[07/11/2007 - 07:00:40 | A | 118] F:\eula.1041.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.1042.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.2052.txt

[07/11/2007 - 07:00:40 | A | 17734] F:\eula.3082.txt

[20/09/2009 - 22:42:59 | D ] F:\Filmes

[22/05/2010 - 06:02:39 | A | 1837636608] F:\GB Hard Disk.vhd

[07/11/2007 - 07:00:40 | A | 1110] F:\globdata.ini

[07/11/2007 - 07:44:20 | A | 855040] F:\install.exe

[07/11/2007 - 07:00:40 | A | 843] F:\install.ini

[07/11/2007 - 07:44:20 | A | 75280] F:\install.res.1028.dll

[07/11/2007 - 07:44:20 | A | 95248] F:\install.res.1031.dll

[07/11/2007 - 07:44:20 | A | 90128] F:\install.res.1033.dll

[07/11/2007 - 07:44:20 | A | 96272] F:\install.res.1036.dll

[07/11/2007 - 07:44:20 | A | 94224] F:\install.res.1040.dll

[07/11/2007 - 07:44:20 | A | 80400] F:\install.res.1041.dll

[07/11/2007 - 07:44:20 | A | 78864] F:\install.res.1042.dll

[07/11/2007 - 07:44:20 | A | 74768] F:\install.res.2052.dll

[07/11/2007 - 07:44:20 | A | 95248] F:\install.res.3082.dll

[07/02/2010 - 03:17:43 | D ] F:\JhOnZiNhOo

[12/01/2010 - 06:45:24 | D ] F:\Leave

[09/03/2010 - 14:28:34 | RHD ] F:\MSOCache

[23/04/2010 - 11:28:37 | D ] F:\MUSERVER

[15/06/2009 - 11:03:12 | A | 35107254] F:\MUSERVER333.rar

[10/12/2009 - 23:08:19 | A | 14469410] F:\MUSERVERFDP.rar

[19/11/2009 - 23:22:32 | D ] F:\MuServerMOTTO

[19/12/2009 - 03:09:15 | D ] F:\MUSERVER_WOLF

[06/07/2010 - 16:16:57 | SHD ] F:\RECYCLER

[06/07/2010 - 12:36:49 | SHD ] F:\System Volume Information

[15/01/2010 - 04:55:00 | D ] F:\testedb

[07/11/2007 - 07:00:40 | A | 5686] F:\vcredist.bmp

[07/11/2007 - 07:50:40 | A | 1927956] F:\VC_RED.cab

[07/11/2007 - 07:53:12 | A | 242176] F:\VC_RED.MSI

[28/05/2010 - 16:52:03 | D ] F:\viper

[30/06/2010 - 17:59:58 | A | 741616474] J:\Ela é Demais pra mim.AVI

[07/06/2010 - 17:36:36 | A | 174471] J:\barbara.mef

[15/06/2010 - 13:52:14 | A | 1237910] J:\IRD.Lexuzbox.F-36.v1.18.32.2010Apr13.ird

[09/06/2009 - 00:05:04 | A | 173958] J:\cas.mef

[03/07/2010 - 17:17:50 | SH | 151] J:\desktop.ini

[22/06/2010 - 15:38:16 | A | 327680] J:\FDU_RBP_22_06_10.fdu

[04/07/2010 - 22:35:06 | A | 3128320] J:\_timeshift.ts_

[05/07/2010 - 03:25:18 | A | 656558738] J:\Eclipse.AVI

################## | Vaccin |

C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

E:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

F:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

J:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

################## | Upload |

Favor enviar o arquivo: C:\UsbFix_Upload_Me_MUONLINE.zip

http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuiç?o.

################## | E.O.F |

wings · Julho 6, 2010

1.

Favor enviar o arquivo: C:\UsbFix_Upload_Me_MUONLINE.zip

http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição.

2.

*Duplo clique em UsbFix

*Clique em [uninstall]

3.

*Baixe o Kaspersky Virus Removal Tool e salve-o no desktop

*Instale o programa

*A tela principal do programa será aberta automaticamente

*Selecione a opção:

[] Meu Computador

*Clique em [start scan]....aguarde. Pode demorar.

*Caso encontre algo, clique em [skip]

*Ao término do scan, clique em [Report]

*Uma janela chamada "Detailed report" será aberta

*Clique no sinal [+] ao lado de Autoscan para expandir os eventos encontrados

*Clique com o botão direito do mouse e selecione "Select all"

*Clique novamente com o botão direito do mouse e selecione "Copy"

*Abra o bloco de notas e cole (Ctrl+v) e salve o arquivo no desktop como log.txt

*Feche a janela "Detailed report" do Kasperky

*Na tela principal do Kaspersky clique em [Exit] > [No]

*Cole o relatório salvo no desktop na sua próxima resposta

fabsc · Julho 7, 2010

Autoscan: completed <1 minute ago (events: 306, objects: 990845, time: 10:46:46)

06/07/2010 17:27:40 Task started

06/07/2010 17:41:53 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class

06/07/2010 17:42:10 Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class Skipped by user

06/07/2010 17:42:17 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class

06/07/2010 17:42:21 Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class Skipped by user

06/07/2010 17:59:33 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class

06/07/2010 17:59:33 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class

06/07/2010 18:12:07 Detected: DoS.Win32.Nutod.a C:\Documents and Settings\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar/donut_http_flooder_1.4/flooder.exe

06/07/2010 18:12:13 Detected: Trojan-Downloader.Win32.Homa.bwz C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe Injected.exe

06/07/2010 23:01:11 Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class Skipped by user

06/07/2010 23:01:11 Untreated: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class Skipped by user

06/07/2010 23:01:14 Untreated: DoS.Win32.Nutod.a C:\Documents and Settings\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar/donut_http_flooder_1.4/flooder.exe Write not supported

06/07/2010 23:01:16 Untreated: Trojan-Downloader.Win32.Homa.bwz C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe Injected.exe Write not supported

06/07/2010 23:01:17 Detected: Backdoor.Win32.Turkojan.hlw C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe.dll

06/07/2010 23:20:58 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer1/DataServer.exe

06/07/2010 23:21:01 Untreated: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer1/DataServer.exe Write not supported

06/07/2010 23:21:12 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer3/DataServer.exe

06/07/2010 23:21:16 Untreated: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer3/DataServer.exe Write not supported

06/07/2010 23:23:18 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.exe

06/07/2010 23:23:24 Untreated: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.exe Write not supported

06/07/2010 23:23:32 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.rar/GetSerial.exe

06/07/2010 23:23:37 Untreated: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.rar/GetSerial.exe Write not supported

06/07/2010 23:26:40 Detected: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Documents and Settings\Jhon\Downloads\fortguardsetup.exe/data0020

06/07/2010 23:26:42 Untreated: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Documents and Settings\Jhon\Downloads\fortguardsetup.exe/data0020 Write not supported

06/07/2010 23:28:07 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

06/07/2010 23:28:10 Untreated: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe Write not supported

06/07/2010 23:28:10 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

06/07/2010 23:28:11 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

06/07/2010 23:28:12 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

06/07/2010 23:28:13 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

06/07/2010 23:28:20 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:22 Untreated: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe Write not supported

06/07/2010 23:28:22 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:23 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:24 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:25 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:26 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:27 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:28 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:29 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:30 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:31 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

06/07/2010 23:28:32 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:28:33 Untreated: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe Write not supported

06/07/2010 23:28:33 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:28:34 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:28:35 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:28:36 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:28:37 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

06/07/2010 23:31:02 Detected: Trojan-Banker.Win32.Agent.wz C:\Documents and Settings\Jhon\Downloads\MudinhoPatch.zip/MudinhoPatch.exe/data0002/ASPack

06/07/2010 23:31:02 Detected: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part/SL_WAP.exe/UPX/data0001.res/UPX

06/07/2010 23:31:02 Detected: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part/SL_WAP.exe/UPX/data0001.res/UPX

06/07/2010 23:31:07 Untreated: Trojan-Banker.Win32.Agent.wz C:\Documents and Settings\Jhon\Downloads\MudinhoPatch.zip/MudinhoPatch.exe/data0002/ASPack Write not supported

06/07/2010 23:31:08 Untreated: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part/SL_WAP.exe/UPX/data0001.res/UPX Write not supported

06/07/2010 23:31:13 Untreated: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part/SL_WAP.exe/UPX/data0001.res/UPX Write not supported

06/07/2010 23:34:13 Detected: Trojan-Downloader.Win32.SMW.r C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0000.res/UPX

06/07/2010 23:34:15 Untreated: Trojan-Downloader.Win32.SMW.r C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0000.res/UPX Write not supported

06/07/2010 23:34:16 Detected: Trojan-Downloader.Win32.SMW.q C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0001.res/UPX

06/07/2010 23:34:17 Untreated: Trojan-Downloader.Win32.SMW.q C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0001.res/UPX Write not supported

06/07/2010 23:36:10 Detected: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall(2).exe

06/07/2010 23:36:14 Untreated: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall(2).exe Skipped by user

06/07/2010 23:36:15 Detected: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall.exe.part

06/07/2010 23:36:19 Untreated: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall.exe.part Skipped by user

06/07/2010 23:40:24 Detected: Hoax.Win32.BadJoke.Delf.eg C:\Documents and Settings\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar/Boleto Pro 1.3x (PT-BR)/keygen.exe

06/07/2010 23:40:29 Detected: Trojan-Spy.Win32.Ardamax.dwl C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe

06/07/2010 23:40:31 Untreated: Hoax.Win32.BadJoke.Delf.eg C:\Documents and Settings\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar/Boleto Pro 1.3x (PT-BR)/keygen.exe Write not supported

06/07/2010 23:40:33 Untreated: Trojan-Spy.Win32.Ardamax.dwl C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe Skipped by user

06/07/2010 23:41:13 Detected: Trojan.Win32.Genome.jkfs C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run

06/07/2010 23:41:18 Untreated: Trojan.Win32.Genome.jkfs C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run Skipped by user

06/07/2010 23:41:19 Detected: Backdoor.Win32.Hupigon.kwnn C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe

06/07/2010 23:41:20 Untreated: Backdoor.Win32.Hupigon.kwnn C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe Skipped by user

06/07/2010 23:45:11 Detected: Trojan-Spy.Win32.Ardamax.dwl C:\MUSERVER\EXDB\ExDB.exe

06/07/2010 23:45:17 Untreated: Trojan-Spy.Win32.Ardamax.dwl C:\MUSERVER\EXDB\ExDB.exe Skipped by user

06/07/2010 23:45:23 Detected: Trojan.Win32.Genome.jkfs C:\MUSERVER\GS_CS\odbcdb.run

06/07/2010 23:45:24 Detected: Backdoor.Win32.Hupigon.kwnn C:\MUSERVER\JOINSERVER\JoinServer.exe

06/07/2010 23:45:28 Untreated: Trojan.Win32.Genome.jkfs C:\MUSERVER\GS_CS\odbcdb.run Skipped by user

06/07/2010 23:45:36 Untreated: Backdoor.Win32.Hupigon.kwnn C:\MUSERVER\JOINSERVER\JoinServer.exe Skipped by user

07/07/2010 00:34:57 Detected: Trojan.Win32.Buzus.eflr C:\Program Files (x86)\MU MAD! [com som]\findhack.exe/Molebox

07/07/2010 00:35:00 Untreated: Trojan.Win32.Buzus.eflr C:\Program Files (x86)\MU MAD! [com som]\findhack.exe/Molebox Skipped by user

07/07/2010 00:35:01 Detected: Trojan-GameThief.Win32.Magania.dicl C:\Program Files (x86)\MU MAD! [com som]\muv8.exe

07/07/2010 00:35:03 Untreated: Trojan-GameThief.Win32.Magania.dicl C:\Program Files (x86)\MU MAD! [com som]\muv8.exe Skipped by user

07/07/2010 01:06:28 Detected: Trojan-Downloader.Java.Agent.au C:\Users\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class

07/07/2010 01:06:30 Detected: Trojan-Downloader.Java.Agent.au C:\Users\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class

07/07/2010 01:06:31 Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class Skipped by user

07/07/2010 01:06:32 Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class Skipped by user

07/07/2010 01:22:51 Detected: Trojan-Downloader.Java.Agent.au C:\Users\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class

07/07/2010 01:22:51 Detected: Trojan-Downloader.Java.Agent.au C:\Users\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class

07/07/2010 01:22:53 Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class Skipped by user

07/07/2010 01:22:56 Untreated: Trojan-Downloader.Java.Agent.au C:\Users\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class Skipped by user

07/07/2010 01:35:45 Detected: DoS.Win32.Nutod.a C:\Users\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar/donut_http_flooder_1.4/flooder.exe

07/07/2010 01:35:48 Untreated: DoS.Win32.Nutod.a C:\Users\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar/donut_http_flooder_1.4/flooder.exe Write not supported

07/07/2010 01:35:53 Detected: Trojan-Downloader.Win32.Homa.bwz C:\Users\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe Injected.exe

07/07/2010 01:35:57 Untreated: Trojan-Downloader.Win32.Homa.bwz C:\Users\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe Injected.exe Write not supported

07/07/2010 01:35:58 Detected: Backdoor.Win32.Turkojan.hlw C:\Users\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe.dll

07/07/2010 01:56:22 Detected: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer1/DataServer.exe

07/07/2010 01:56:26 Untreated: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer1/DataServer.exe Write not supported

07/07/2010 01:56:37 Detected: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer3/DataServer.exe

07/07/2010 01:56:40 Untreated: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer3/DataServer.exe Write not supported

07/07/2010 01:57:28 Detected: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.exe

07/07/2010 01:57:35 Untreated: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.exe Write not supported

07/07/2010 01:57:42 Detected: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.rar/GetSerial.exe

07/07/2010 01:57:45 Untreated: Packed.Win32.Black.a C:\Users\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.rar/GetSerial.exe Write not supported

07/07/2010 01:57:46 Detected: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Users\Jhon\Downloads\fortguardsetup.exe/data0020

07/07/2010 01:57:59 Untreated: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Users\Jhon\Downloads\fortguardsetup.exe/data0020 Write not supported

07/07/2010 01:58:00 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:01 Untreated: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe Write not supported

07/07/2010 01:58:01 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:02 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:03 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:04 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:05 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 01:58:05 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:08 Untreated: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe Write not supported

07/07/2010 01:58:08 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:09 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:10 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:11 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:12 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:13 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:14 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:15 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:16 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:17 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

07/07/2010 01:58:23 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:25 Untreated: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe Write not supported

07/07/2010 01:58:25 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:26 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:27 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:28 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:29 Detected: HEUR:Trojan.Win32.Generic C:\Users\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 01:58:30 Detected: Trojan-Downloader.Win32.SMW.k C:\Users\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part/SL_WAP.exe/UPX/data0001.res/UPX

07/07/2010 01:58:30 Detected: Trojan-Downloader.Win32.SMW.k C:\Users\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part/SL_WAP.exe/UPX/data0001.res/UPX

07/07/2010 01:58:32 Detected: Trojan-Banker.Win32.Agent.wz C:\Users\Jhon\Downloads\MudinhoPatch.zip/MudinhoPatch.exe/data0002/ASPack

07/07/2010 01:58:32 Untreated: Trojan-Downloader.Win32.SMW.k C:\Users\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part/SL_WAP.exe/UPX/data0001.res/UPX Write not supported

07/07/2010 01:58:33 Untreated: Trojan-Downloader.Win32.SMW.k C:\Users\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part/SL_WAP.exe/UPX/data0001.res/UPX Write not supported

07/07/2010 01:58:39 Deleted: Trojan-Banker.Win32.Agent.wz C:\Users\Jhon\Downloads\MudinhoPatch.zip/MudinhoPatch.exe

07/07/2010 01:58:41 Detected: Trojan-Downloader.Win32.SMW.r C:\Users\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0000.res/UPX

07/07/2010 01:58:43 Untreated: Trojan-Downloader.Win32.SMW.r C:\Users\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0000.res/UPX Write not supported

07/07/2010 01:58:43 Detected: Trojan-Downloader.Win32.SMW.q C:\Users\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0001.res/UPX

07/07/2010 01:58:45 Untreated: Trojan-Downloader.Win32.SMW.q C:\Users\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0001.res/UPX Write not supported

07/07/2010 01:58:49 Detected: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall(2).exe

07/07/2010 01:58:51 Untreated: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall(2).exe Skipped by user

07/07/2010 01:58:51 Detected: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall.exe.part

07/07/2010 01:58:52 Untreated: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall.exe.part Skipped by user

07/07/2010 01:59:17 Detected: Hoax.Win32.BadJoke.Delf.eg C:\Users\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar/Boleto Pro 1.3x (PT-BR)/keygen.exe

07/07/2010 01:59:20 Untreated: Hoax.Win32.BadJoke.Delf.eg C:\Users\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar/Boleto Pro 1.3x (PT-BR)/keygen.exe Write not supported

07/07/2010 01:59:23 Detected: Trojan-Spy.Win32.Ardamax.dwl C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe

07/07/2010 01:59:25 Untreated: Trojan-Spy.Win32.Ardamax.dwl C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe Skipped by user

07/07/2010 01:59:32 Detected: Trojan.Win32.Genome.jkfs C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run

07/07/2010 01:59:36 Untreated: Trojan.Win32.Genome.jkfs C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run Skipped by user

07/07/2010 01:59:37 Detected: Backdoor.Win32.Hupigon.kwnn C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe

07/07/2010 01:59:51 Untreated: Backdoor.Win32.Hupigon.kwnn C:\Users\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe Skipped by user

07/07/2010 04:04:54 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps 2.5.0 Registered.EXE/data0003/Armadillo

07/07/2010 04:05:02 Untreated: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps 2.5.0 Registered.EXE/data0003/Armadillo Write not supported

07/07/2010 04:05:30 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS.rar/Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo

07/07/2010 04:05:32 Untreated: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS.rar/Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo Write not supported

07/07/2010 04:06:30 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo

07/07/2010 04:06:33 Untreated: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo Write not supported

07/07/2010 04:10:27 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

07/07/2010 04:10:31 Untreated: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe Write not supported

07/07/2010 04:10:32 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

07/07/2010 04:10:33 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

07/07/2010 04:10:58 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:02 Untreated: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe Write not supported

07/07/2010 04:11:02 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:03 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:04 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:05 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:06 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:07 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:08 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:09 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

07/07/2010 04:11:15 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:17 Untreated: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe Write not supported

07/07/2010 04:11:18 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:19 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:20 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:21 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:22 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:23 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:24 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:25 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

07/07/2010 04:11:26 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 04:11:30 Untreated: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe Write not supported

07/07/2010 04:11:30 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 04:11:31 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 04:11:32 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 04:11:33 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

07/07/2010 04:14:26 Task completed

wings · Julho 7, 2010

Muitos arquivos contaminados de jogos, cracks, servidores de trojans, keyloggers, etc...

*Abra a pasta Virus Removal Tool, localizada no desktop, duplo clique no atalho Start

*A tela principal do Kaspersky será aberta novamente

*Selecione a opção:

[] Meu Computador

*Clique em [start scan]....aguarde. Pode demorar.

*Caso encontre algo, clique em [Disinfect], caso não seja possível, clique em [Delete]

*Ao término do scan, clique em [Report]

*Clique no sinal [+] ao lado de Autoscan para expandir os eventos encontrados

*Clique com o botão direito do mouse e selecione "Select all"

*Clique novamente com o botão direito do mouse e selecione "Copy"

*Abra o bloco de notas e cole (Ctrl+v) e salve o arquivo no desktop como log2.txt

*Feche a janela "Detailed report" do Kasperky

*Na tela principal do Kaspersky clique em [Exit] > [No]

*Cole o relatório salvo no desktop na sua próxima resposta

fabsc · Julho 8, 2010

Autoscan: completed 3 minutes ago (events: 197, objects: 490312, time: 02:11:46)

08/07/2010 00:24:38 Task started

08/07/2010 00:36:28 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class

08/07/2010 00:36:31 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class

08/07/2010 00:36:34 Deleted: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2ee302f6-1cf260cd/Inicio.class

08/07/2010 00:36:34 Deleted: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Casa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4b901aeb-788acc05/Inicio.class

08/07/2010 00:43:44 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class

08/07/2010 00:43:44 Detected: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class

08/07/2010 00:43:49 Deleted: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3caf136f-3064b8a0/Inicio.class

08/07/2010 00:43:49 Deleted: Trojan-Downloader.Java.Agent.au C:\Documents and Settings\Jhon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\a6b36ef-48e21c02/Inicio.class

08/07/2010 00:48:58 Detected: DoS.Win32.Nutod.a C:\Documents and Settings\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar/donut_http_flooder_1.4/flooder.exe

08/07/2010 00:49:03 Detected: Trojan-Downloader.Win32.Homa.bwz C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe Injected.exe

08/07/2010 00:49:39 Deleted: DoS.Win32.Nutod.a C:\Documents and Settings\Jhon\Desktop\donut_http_flooder_1.4\donut_http_flooder_1.4.rar

08/07/2010 00:49:40 Detected: Backdoor.Win32.Turkojan.hlw C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe/sXe.dll

08/07/2010 00:49:40 Deleted: Backdoor.Win32.Turkojan.hlw C:\Documents and Settings\Jhon\Desktop\Jogos\sXeInjectedSetup.8.5.exe

08/07/2010 01:04:26 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer1/DataServer.exe

08/07/2010 01:05:26 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/DataServer3/DataServer.exe

08/07/2010 01:06:08 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.exe

08/07/2010 01:06:16 Detected: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar/MuServer/GetSerial/GetSerial.rar/GetSerial.exe

08/07/2010 01:06:20 Deleted: Packed.Win32.Black.a C:\Documents and Settings\Jhon\Downloads\1112223344xxxaaeeMuServerxNoiaxKJa.rar

08/07/2010 01:06:21 Detected: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Documents and Settings\Jhon\Downloads\fortguardsetup.exe/data0020

08/07/2010 01:07:08 Deleted: not-a-virus:AdWare.Win32.AdSubscribe.cbl C:\Documents and Settings\Jhon\Downloads\fortguardsetup.exe

08/07/2010 01:07:12 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 01:07:24 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 01:07:25 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 01:07:25 Deleted: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(2).rar

08/07/2010 01:07:26 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

08/07/2010 01:07:37 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

08/07/2010 01:07:38 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar/GretaGB7B.exe

08/07/2010 01:07:38 Deleted: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B(3).rar

08/07/2010 01:07:39 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 01:07:55 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 01:07:56 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 01:07:57 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 01:07:57 Deleted: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Jhon\Downloads\GretaGB7B.rar

08/07/2010 01:08:01 Detected: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part/SL_WAP.exe/UPX/data0001.res/UPX

08/07/2010 01:08:01 Detected: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part/SL_WAP.exe/UPX/data0001.res/UPX

08/07/2010 01:08:03 Detected: Trojan-Downloader.Win32.SMW.r C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0000.res/UPX

08/07/2010 01:08:23 Deleted: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP(2).rar.part

08/07/2010 01:08:24 Deleted: Trojan-Downloader.Win32.SMW.k C:\Documents and Settings\Jhon\Downloads\Launcher WAP & SL_WAP.rar.part

08/07/2010 01:08:24 Detected: Trojan-Downloader.Win32.SMW.q C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar/SL WAP.exe/UPX/data0001.res/UPX

08/07/2010 01:08:26 Deleted: Trojan-Downloader.Win32.SMW.q C:\Documents and Settings\Jhon\Downloads\SL WAP TCP.rar

08/07/2010 01:08:28 Detected: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall(2).exe

08/07/2010 01:08:30 Cannot be deleted: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall(2).exe Object not found

08/07/2010 01:08:39 Detected: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall.exe.part

08/07/2010 01:08:40 Untreated: Trojan.Win32.Swizzor.d C:\Documents and Settings\Jhon\Downloads\uninstall.exe.part Skipped by user

08/07/2010 01:08:50 Detected: Hoax.Win32.BadJoke.Delf.eg C:\Documents and Settings\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar/Boleto Pro 1.3x (PT-BR)/keygen.exe

08/07/2010 01:08:55 Detected: Trojan-Spy.Win32.Ardamax.dwl C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe

08/07/2010 01:09:03 Deleted: Hoax.Win32.BadJoke.Delf.eg C:\Documents and Settings\Jhon\Downloads\RAR\Boleto.www.downgratisDindoPro1.3x.PT-BR.rar

08/07/2010 01:09:04 Deleted: Trojan-Spy.Win32.Ardamax.dwl C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/EXDB/ExDB.exe

08/07/2010 01:09:11 Detected: Trojan.Win32.Genome.jkfs C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run

08/07/2010 01:09:13 Deleted: Trojan.Win32.Genome.jkfs C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/GS_CS/odbcdb.run

08/07/2010 01:09:13 Detected: Backdoor.Win32.Hupigon.kwnn C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe

08/07/2010 01:09:15 Deleted: Backdoor.Win32.Hupigon.kwnn C:\Documents and Settings\Jhon\Downloads\RAR\MS.99+S2+3D.zip/MUSERVER/JOINSERVER/JoinServer.exe

08/07/2010 01:10:36 Detected: Trojan-Spy.Win32.Ardamax.dwl C:\MUSERVER\EXDB\ExDB.exe

08/07/2010 01:10:42 Detected: Trojan.Win32.Genome.jkfs C:\MUSERVER\GS_CS\odbcdb.run

08/07/2010 01:10:42 Detected: Backdoor.Win32.Hupigon.kwnn C:\MUSERVER\JOINSERVER\JoinServer.exe

08/07/2010 01:11:01 Deleted: Trojan-Spy.Win32.Ardamax.dwl C:\MUSERVER\EXDB\ExDB.exe

08/07/2010 01:11:02 Deleted: Trojan.Win32.Genome.jkfs C:\MUSERVER\GS_CS\odbcdb.run

08/07/2010 01:11:07 Deleted: Backdoor.Win32.Hupigon.kwnn C:\MUSERVER\JOINSERVER\JoinServer.exe

08/07/2010 01:27:22 Detected: Trojan-GameThief.Win32.Magania.dicl C:\Program Files (x86)\MU MAD! [com som]\muv8.exe

08/07/2010 01:27:23 Detected: Trojan.Win32.Buzus.eflr C:\Program Files (x86)\MU MAD! [com som]\findhack.exe/Molebox

08/07/2010 01:27:51 Deleted: Trojan-GameThief.Win32.Magania.dicl C:\Program Files (x86)\MU MAD! [com som]\muv8.exe

08/07/2010 01:27:51 Deleted: Trojan.Win32.Buzus.eflr C:\Program Files (x86)\MU MAD! [com som]\findhack.exe

08/07/2010 01:53:15 Detected: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall.exe.part

08/07/2010 02:05:15 Deleted: Trojan.Win32.Swizzor.d C:\Users\Jhon\Downloads\uninstall.exe.part

08/07/2010 02:12:54 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps 2.5.0 Registered.EXE/data0003/Armadillo

08/07/2010 02:12:54 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo

08/07/2010 02:12:57 Detected: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS.rar/Fraps_2[1].5.0_Registered_by_r4z0r.rar/Fraps 2.5.0 Registered.EXE/data0003/Armadillo

08/07/2010 02:29:58 Deleted: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps 2.5.0 Registered.EXE

08/07/2010 02:29:59 Deleted: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS.rar

08/07/2010 02:29:59 Deleted: Trojan.Win32.Buzus.dyxq D:\ARQUIVOS RAR\CS FRAPS\Fraps_2[1].5.0_Registered_by_r4z0r.rar

08/07/2010 02:30:20 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

08/07/2010 02:30:27 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

08/07/2010 02:30:28 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

08/07/2010 02:30:29 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01/ecu32b06/GretaGB7B.exe

08/07/2010 02:30:29 Deleted: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ecu32b06.default\Cache\CBB7B11Cd01

08/07/2010 02:31:05 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

08/07/2010 02:33:27 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

08/07/2010 02:33:28 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

08/07/2010 02:33:29 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar/Gamerz Trainer GBS v5.21.exe

08/07/2010 02:33:29 Deleted: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\Gamerz Trainer GBS v5.21.rar

08/07/2010 02:33:30 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:46 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:47 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:48 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:49 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:50 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:51 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:52 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:53 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:54 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar/GretaGB7B.exe

08/07/2010 02:33:55 Deleted: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B(2).rar

08/07/2010 02:34:01 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 02:34:08 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 02:34:09 Detected: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar/GretaGB7B.exe

08/07/2010 02:34:09 Deleted: HEUR:Trojan.Win32.Generic E:\Documents and Settings\Fernando\Meus documentos\Downloads\GretaGB7B.rar

08/07/2010 02:36:24 Task completed

wings · Julho 8, 2010

OK...

Como está o PC?

1.

*Abra a pasta Virus Removal Tool, localizada no desktop, duplo clique no atalho Start

*A tela principal do Kaspersky será aberta novamente

*Clique em [Exit] > [Yes] > [sim] > [sim]

*O PC será reiniciado

*Delete o arquivo setup do Kaspersky e os logs salvos no desktop

fabsc · Julho 8, 2010

Olha, as letras estão ainda conforme as fotos la em cima,

A barra de inicio rapido ainda não está aparecendo,

>clico com o direito na barra inicial >> propriedades >> e marco "Mostrar barra de tarefas"

mais ela nem aparece, eu faço o mesmo procedimento e ela ja está desmarcada,

Quando ao firefox, está normal, agora nao ta dando mais erro, obrigado por enquando.

T+

wings · Julho 9, 2010

Quanto as letras, dê uma olhada em Painel de Controle > Regional and Language Options.

Quanto a barra de tarefas, dê uma lida:

http://windows.microsoft.com/pt-BR/windows-vista/Show-or-hide-the-taskbar

fabsc · Julho 9, 2010

é cara, a barra de tarefas está normal, somento o menu inicial rapido que nao está certo...

Quanto as letras, nao éos idiomas, pois quando eu estou escrevendo no bloco de notas por exemplo, ele escreve normal,

mas quanto eu vou salvar o arquivo, ai eu vou abrir denovo, as letras estao todas ruins, abraços e aT+

acho que o destino do meu pc vai ser outro,

vou formatar, assim resolvo todos problemas..

qq se acha?

wings · Julho 9, 2010

Crie um novo usuário e veja se o problema persiste.

fabsc · Julho 11, 2010

criei, e a barra de tarefas inicial tem no novo usuario, porem as letras persistem ruins!

wings · Julho 11, 2010

Isso é problema de codificação ou causado por algum programa que você instalou não há relação com malwares.

Crie um tópico na sala abaixo mostrando as imagens anexadas no seu primeiro post.

http://forum.imasters.com.br/index.php?/forum/43-microsoft-windows/

fabsc · Julho 11, 2010

Já fiz o que você pediu.

Muito obrigado pela ajuda, desde já eu agradeço..

Obrigado mesmo, abraços!

wings · Julho 12, 2010

PROBLEMA RESOLVIDO!

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Arquivado

[Resolvido!] Analise de log

Recommended Posts

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22

Compartilhar este post

Link para o post

Compartilhar em outros sites

fabsc 0

Compartilhar este post

Link para o post

Compartilhar em outros sites

wings 22